package com.lcf.app.shiro.controller;

import com.lcf.common.web.Result;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;


/**
 * @author ChenFei
 * @date 2021/11/2
 */
@RestController
@RequestMapping("user")
public class UserController {

    @GetMapping("login")
    public Result<String> login(String username, String password) {//测试账户：admin；密码：123456
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        subject.login(token);
        //subject.getSession().setTimeout();//设置回话过期时间
        return Result.success();
    }

    @GetMapping("logout")
    public Result logout() {
        SecurityUtils.getSubject().logout();
        return Result.success();
    }

    @GetMapping("message")
    public Result<String> message() {
        return Result.fail("请先登录！");
    }

    //这里只是为了方便测试，所以用的都是@GetMapping

    @GetMapping("list")
    @RequiresPermissions(value = {"user:read", "user:update", "user:remove", "user:save"}, logical = Logical.OR)
    public Result list() {
        return Result.success();
    }

    @GetMapping("get")
    @RequiresPermissions(value = {"user:read"})
    public Result get() {
        return Result.success();
    }

    @GetMapping("save")
    @RequiresPermissions(value = {"user:save"})
    public Result save() {
        return Result.success();
    }

    @GetMapping("update")
    @RequiresPermissions(value = {"user:update"})
    public Result update() {
        return Result.success();
    }

    @GetMapping("remove")
    @RequiresPermissions(value = {"user:remove"})
    public Result remove() {
        return Result.success();
    }

}
